Secure Coprocessor
What is a secure coprocessor?
• Robust: a system that is not easily, or not wholly, affected by a bug in one aspect of it.
• A general-purpose computational environment.
• A secure, tamper-responsive physical package.
• Trusted to execute the software correctly, despite physical attacks.
Broad definition: A secure coprocessor consists of a computational engine and memory (at least a portion of which is designated as "secure") contained in a physical package designed to render the contents of the secure memory unavailable to an adversary who physically attacks the device.
Motivation: keep computation as well as cryptographic secrets inside the same secure box.
Secure Coprocessor: Engineering and Business decisions
• How powerful is the engine? Maximize computational power (e.g., use as big a CPU as is reasonable, plus good cryptographic accelerators).
• How much memory? Support it with ample RAM.
• How is it secured? Use a smaller amount of battery-backed RAM (BBRAM) as the non-volatile, secure memory.
• How effective are the tamper protections? Assemble this on a circuit board with technology to actively sense tamper and near-instantly zeroize the SRAM.
Example: IBM 4758 PCI Cryptographic Coprocessor
Other examples: IC chip cards, PCMCIA tokens, and "smart buttons" might also be considered part of the secure coprocessing family (with limited computation power and physical security).
IBM 4758 PCI Cryptographic Coprocessor
Features:
1. High-security, programmable, 486-class processing PCI board.
2. Highly suitable for data processing and cryptography operations.
3. Specialized cryptographic electronics for random number generation, DES and public-key algorithms.
4. Digitally signed software loading.
5. Tamper-sensing and tamper-responding design (certified under the US FIPS 140-1 standard at levels 3 and 4).
6. Custom programming: the user can implement their own application (requires a unique identifier and a code-signing key from IBM).
IBM 4758 PCI Cryptographic Coprocessor
Performance:
1. Models 002 and 023 support up to 175 1024-bit RSA private-key operations per second.
2. DES encryption throughput of 15.3 MBytes/second has been measured on fast host systems.
Availability: IBM 4758 Models 002 and 023 PCI cryptographic coprocessors are the latest generation of the IBM 4758 family. They are available for iSeries, pSeries and older zSeries systems, and generally for Intel-based servers running Windows 2000.
NOTE: IBM 4758 Model 023 has been withdrawn as of 4 June 2004.
Features of the IBM 4758 family
Terminologies
FIPS PUB 140-1: The rigorous Security Requirements for Cryptographic Modules is the benchmark standard by which cryptographic implementations are measured. The highest level is 4. FIPS 140 is unique in its emphasis on clear testing criteria for anti-tamper design validation.
DES: The Data Encryption Standard is a symmetric-key block cipher developed in 1975. It was the first official U.S. government cipher intended for commercial use.
RSA: RSA is a public-key cipher which can be used both for encrypting messages and for making digital signatures.
SHA: The SHA (Secure Hash Algorithm) family is a set of related cryptographic hash functions designed by the National Security Agency (NSA) and published by the National Institute of Standards and Technology (NIST).
Security Model
Sample lifecycle of a high-end secure coprocessor with active tamper response.
Application Design
The hardware philosophy (more powerful and more secure) also shapes the model for application software. This is what differentiates it from weaker members of the family, such as chip cards.
• Protect the critical portion of the application software by having it execute inside the secure coprocessor.
• Exploit the computational power of the coprocessor by allowing this critical portion to be fairly complex.
• Structure this critical software to exploit the fact that tamper destroys only the contents of volatile DRAM/SRAM and the smaller BBRAM, but not, for example, the contents of FLASH or ROM.
Physical Security (design approaches)
• Tamper evidence, where packaging forces tamper to leave indelible physical changes.
• Tamper resistance, where the device packaging makes tamper difficult.
• Tamper detection, where the device actually is aware of tamper.
• Tamper response, where the device actively takes countermeasures upon tamper.
Previous efforts: defence against penetration.
Current efforts: defence against incorrect device operation that allows security functions to be bypassed.
- No provably tamper-proof system exists.
- Designs get better and better, but so do the adversary's skill and tools.
Tamper detect/response mechanism
Detecting penetration:
1. A sensing grid of conductors wrapped around the secure device.
2. Detecting changes in the properties (open, short, changes in conductivity) of the conductors.
3. Ground shielding to reduce susceptibility to electromagnetic interference.
Response to tamper:
1. Erase the secrets contained in the unit by erasing (zeroizing) the Static Random Access Memory (SRAM) that holds them,
2. erase the operating memory, and
3. cease operation.
Attacks by manipulating conditions (and the sensors that counter them)
• Temperature sensor: low temperatures allow SRAM to retain its data; high temperatures damage the device processor.
• Ionizing radiation detector: radiation can allow SRAM to retain its data and disrupt the device's circuit operation.
• Voltage sensors.
• Phase-locked loops: guard against clock signals that are too fast or that have missing or extra pulses.
NOTE: Storing the same value in a bit of SRAM over long periods can also cause that value to imprint.
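The memory split from the Application Design slide (FLASH survives tamper, BBRAM and working SRAM do not) and the detect/respond mechanism and environmental sensors of the last two slides, combined into one added example in C. This is not IBM's 4758 firmware: the sensor field names, the operating envelope thresholds and the XOR keystream standing in for DES are all constructed for the model.

```c
/* Added example, not IBM 4758 firmware: the memory split the slides describe
 * (FLASH / BBRAM / working SRAM) plus a tamper-detect, tamper-respond loop.
 * Sensor fields, thresholds and the XOR stand-in for DES are constructed. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define KEY_LEN  16
#define DATA_LEN 32

static uint8_t flash_ct[DATA_LEN];           /* FLASH: survives tamper, so ciphertext only */
static volatile uint8_t bbram_key[KEY_LEN];  /* BBRAM: sole copy of the key, zeroized on tamper */
static volatile uint8_t sram_work[DATA_LEN]; /* working SRAM: plaintext only while in use */
static bool halted = false;

/* Readings the monitoring circuitry samples (constructed field names). */
struct sensors {
    bool mesh_open, mesh_short; /* conductor grid around the device open / shorted */
    int  temp_c;                /* case temperature, degrees Celsius */
    int  vcc_mv;                /* supply voltage, millivolts */
    bool radiation;             /* ionizing-radiation detector tripped */
    bool clock_glitch;          /* PLL saw a too-fast clock or missing/extra pulses */
};

/* Assumed operating envelope for the model, not the 4758's real limits. */
enum { TEMP_MIN_C = -20, TEMP_MAX_C = 70, VCC_MIN_MV = 4500, VCC_MAX_MV = 5500 };

/* Volatile byte stores cannot be dropped as dead writes the way a plain
 * memset() right before halting can be. */
static void zeroize(volatile uint8_t *p, size_t n) { while (n--) *p++ = 0; }

/* Cold SRAM retains data, and radiation/voltage/clock anomalies disrupt the
 * circuitry, so out-of-envelope conditions count as tamper, not just faults. */
bool tamper_detected(const struct sensors *s) {
    if (s->mesh_open || s->mesh_short) return true;
    if (s->temp_c < TEMP_MIN_C || s->temp_c > TEMP_MAX_C) return true;
    if (s->vcc_mv < VCC_MIN_MV || s->vcc_mv > VCC_MAX_MV) return true;
    return s->radiation || s->clock_glitch;
}

/* Response in the slide's order: erase secrets, erase working memory, stop. */
void tamper_respond(void) {
    zeroize(bbram_key, KEY_LEN);
    zeroize(sram_work, DATA_LEN);
    halted = true;
}

/* One pass of the monitor loop; true if the device is (now) halted. */
bool monitor_step(const struct sensors *s) {
    if (!halted && tamper_detected(s)) tamper_respond();
    return halted;
}

/* Toy XOR keystream standing in for DES; the point is where the key lives. */
static void xor_key(const uint8_t *in, volatile uint8_t *out, size_t n) {
    for (size_t i = 0; i < n; i++) out[i] = in[i] ^ bbram_key[i % KEY_LEN];
}

/* Provisioning: key into BBRAM, ciphertext into FLASH, plaintext never at rest. */
void provision(const uint8_t key[KEY_LEN], const uint8_t plain[DATA_LEN]) {
    for (size_t i = 0; i < KEY_LEN; i++) bbram_key[i] = key[i];
    xor_key(plain, sram_work, DATA_LEN);
    for (size_t i = 0; i < DATA_LEN; i++) flash_ct[i] = sram_work[i];
    zeroize(sram_work, DATA_LEN);
}

/* Normal use: decrypt FLASH into SRAM, hand out plaintext, scrub. False once halted. */
bool read_secret(uint8_t out[DATA_LEN]) {
    if (halted) return false;
    xor_key(flash_ct, sram_work, DATA_LEN);
    for (size_t i = 0; i < DATA_LEN; i++) out[i] = sram_work[i];
    zeroize(sram_work, DATA_LEN);
    return true;
}

bool key_is_zero(void) {
    uint8_t acc = 0;
    for (size_t i = 0; i < KEY_LEN; i++) acc |= bbram_key[i];
    return acc == 0;
}

/* Walks the scenario once (global state, so call it once); returns 0 if every
 * expectation holds, otherwise the number of the first failed step. */
int run_demo(void) {
    uint8_t key[KEY_LEN], plain[DATA_LEN], out[DATA_LEN], snap[DATA_LEN];
    for (size_t i = 0; i < KEY_LEN; i++)  key[i]   = (uint8_t)(0xA5 ^ i); /* constructed */
    for (size_t i = 0; i < DATA_LEN; i++) plain[i] = (uint8_t)('A' + i); /* constructed */
    struct sensors ok = { .temp_c = 25, .vcc_mv = 5000 };
    struct sensors cut = ok;
    cut.mesh_open = true;

    provision(key, plain);
    if (!read_secret(out) || memcmp(out, plain, DATA_LEN) != 0) return 1;
    if (monitor_step(&ok)) return 2;                      /* nominal: no response */
    memcpy(snap, flash_ct, DATA_LEN);
    if (!monitor_step(&cut)) return 3;                    /* mesh cut: respond */
    if (read_secret(out)) return 4;                       /* operation has ceased */
    if (!key_is_zero()) return 5;                         /* BBRAM key is gone */
    if (memcmp(snap, flash_ct, DATA_LEN) != 0) return 6;  /* FLASH untouched... */
    if (memcmp(flash_ct, plain, DATA_LEN) == 0) return 7; /* ...but holds only ciphertext */
    return 0;
}
```

The design point is in `run_demo`: after the mesh is cut, FLASH is exactly as it was, which is harmless because nothing in it was ever more than ciphertext, while the single copy of the key in BBRAM is gone, so an adversary who now reads FLASH learns nothing. The temperature, voltage, radiation and clock checks sit in the same predicate as the mesh check because, as the slides note, a cold or irradiated SRAM may keep its contents through a zeroization that would otherwise succeed.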
Notes to the specification table (the table itself is not present in the extracted text):
1. Shipping-condition specifications apply when the product is transported in its original IBM packaging.
2. MHz: megahertz; MB: megabytes; KB: kilobytes; mbar: millibar.
Software Attacks
We cannot rely on the device operating system, since we do not know what it will be, and a corrupt or faulty OS might be exactly what we need to defend against.
Hardware Access Locks (ratchet locking)
In order to limit the abilities of rogue but privileged software, we use hardware locks: independent circuitry that restricts the activities of code executing on the main CPU.
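The hardware access lock of this slide, as an added model in C. This is not the 4758's own lock circuitry: the ratchet is modelled, by assumption, as a counter that software can only advance at each hand-off to less-trusted code and that only a hardware reset clears, and the stage and region names are constructed for the model.

```c
/* Added illustration, not the 4758's actual lock circuitry: a ratchet lock
 * modelled as a counter that software can only advance and that only a
 * hardware reset clears. Stage and region names are constructed. */
#include <stdbool.h>

/* Stages in the boot sequence, each less trusted than the one before. */
enum stage { STAGE_BOOT = 0, STAGE_OS = 1, STAGE_APP = 2 };

/* BBRAM regions guarded by the lock circuitry: region N holds the secrets of
 * stage N and must become unreadable once control has passed beyond stage N. */
enum region { REGION_BOOT_SECRETS = 0, REGION_OS_SECRETS = 1, REGION_APP_SECRETS = 2 };

/* The ratchet lives outside the CPU; software sees only ratchet_advance(). */
static unsigned ratchet = STAGE_BOOT;

/* Only a hardware reset returns the ratchet to the bootstrap position. */
void hw_reset(void) { ratchet = STAGE_BOOT; }

/* The sole write interface: advance by one, never go back. A corrupt OS or
 * application therefore has no way to reacquire an earlier stage's access. */
void ratchet_advance(void) { if (ratchet < STAGE_APP) ratchet++; }

unsigned ratchet_level(void) { return ratchet; }

/* Evaluated by the lock circuitry on every access, independent of CPU mode or
 * OS privilege: region r is readable only while the ratchet is at or before
 * the stage that owns it. */
bool access_allowed(enum region r) { return ratchet <= (unsigned)r; }

/* Walks a boot sequence in which the OS is assumed hostile; returns 0 if every
 * expectation holds, otherwise the number of the first failed step. */
int run_ratchet_demo(void) {
    hw_reset();
    /* Bootstrap code may read its own secrets (and everything later). */
    if (!access_allowed(REGION_BOOT_SECRETS)) return 1;
    ratchet_advance();                       /* hand off to the OS */
    /* OS: its own secrets are open, the bootstrap secrets are now locked. */
    if (access_allowed(REGION_BOOT_SECRETS)) return 2;
    if (!access_allowed(REGION_OS_SECRETS)) return 3;
    /* A rogue OS has no call that lowers the ratchet; advancing is the only
     * operation available, and once at the top a second advance is a no-op. */
    ratchet_advance();                       /* hand off to the application */
    ratchet_advance();
    if (ratchet_level() != STAGE_APP) return 4;
    if (access_allowed(REGION_OS_SECRETS)) return 5;
    if (!access_allowed(REGION_APP_SECRETS)) return 6;
    /* In this model only a hardware reset reopens the earlier regions, and a
     * reset restarts execution from the bootstrap stage. */
    hw_reset();
    if (!access_allowed(REGION_BOOT_SECRETS)) return 7;
    return 0;
}
```

The property the slide asks for is that the restriction does not depend on the OS being honest: `access_allowed` consults only the ratchet, which the CPU can move in one direction, so a privileged but corrupt OS can lose access but never regain it short of a reset.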